Question

Locked

How to patch MSMQ vulnerability that should have been fixed with KB892944?

By rebelleader ·
I have an issue related to a Microsoft Security patch. I have several hundred Windows XP machines that are at the most current patch level. All appropriate Windows updates have been applied. I ran an internal vulnerability scan and found that all of my machines are vulnerable to a flaw that was supposed to be fixed by KB892944. This flaw should only affect machines pre Service pack 2 without the noted KB applied. I have downloaded the noted KB and have tried to install it, but I receive an error that my current service pack level is newer than the update. What options do I have to get this vulnerability patched? Thank you for any assistance and let me know if there is any further informatio that would be helpful.

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

That's a tricky question

by robo_dev In reply to How to patch MSMQ vulnera ...

My thought would be to extract the patch and see if it's just a 'one or two DLL' patch or something really messy

Supported Security Update Installation Switches
Switch Description
/extract[:path] Extracts files without starting the Setup program

http://www.microsoft.com/technet/security/bulletin/ms05-017.mspx

Collapse -

Reponse To Answer

by rebelleader In reply to That's a tricky question

Looking at the contents of the extracted update, there are 8 .DLLs and 1 .SYS file that look like they apply to my issue.

I guess I can try to put these files into their proper locations, register them and see if the issue is corrected.

I am going to have to do a fair amount of QA testing on my test equipment to be certain that this does not break anything.

Thank you for the quick response.

Collapse -

Reponse To Answer

by rebelleader In reply to That's a tricky question

After looking more at depth into the properties of the DLLs, thones that are currently in use on my systems are considerably newer than the ones included in the updates. I will not be applying the DLLs manually.

Collapse -

KB892944

by rumseycw In reply to How to patch MSMQ vulnera ...

MSMQ vulnerability has been addressed in XP SP2 and XP SP3. The patch was for XP SP1 and below.

You can now update to the latest Service Pack (SP3) using SUS or SMS. Please see technet page http://www.microsoft.com/technet/security/bulletin/ms05-017.mspx

Collapse -

Reponse To Answer

by rebelleader In reply to KB892944

I am currently at SP3 and I understand that the MSMQ vulnerability had been addressed. My internal vulnerability scan however still shows a security hole in MSMQ and notes the patch as the fix for the problem. I use WSUS to manage my Windows updates and have verified that every update that Microsoft thinks my machines need have been applied.

Collapse -

This really sounds like a False Positive

by OH Smeg In reply to How to patch MSMQ vulnera ...

I would ignore it for the time being and ask M$ Directly on your Usual Channel Account as to what to make of this Message/Report.

Col

Collapse -

Reponse To Answer

by rebelleader In reply to This really sounds like a ...

I thought that might be the case as well. To test I turned off the MSMQ service and ran my test again. The machine tested clean. When I turned the service back on and ran the test, the vulnerability was back. The problem looks to really be present.

I do not have the luxury to ignore it as this flaw will cause me to fail a security audit that I am going to be going through in the next few months. I will contact Microsoft to discuss this problem, but am still open to any other suggestions from the community.

Thank you again for assisting.

Back to Security Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums